Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:10 a.m.10 views

CVE-2022-35987

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

7.5CVSS6.6AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2022/09/16 9:40 p.m.91 views

CVE-2022-35987

TensorFlow vulnerability CVE-2022-35987 affects DenseBincount: if weights shape does not match input (or is not length-0), a CHECK failure can be triggered, potentially allowing a denial-of-service. The issue is mitigated by applying the patch from commit bf4c14353c2328636a18bfad1e151052c81d5f43,...

7.5CVSS6.4AI score0.00396EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/16 9:40 p.m.6 views

CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

5.9CVSS7.5AI score0.00396EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/09/16 9:19 p.m.5 views

causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-35987 via tensorflow-gpu (=2.8.0)

tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-35987 Source advisory: OSV:GHSA-W62H-8XJM-F...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:19 p.m.6 views

clip-jax (=0.0.5) potentially affected by CVE-2022-35987 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35987 Source advisory: OSV:GHSA-W62H-8XJM-FV49...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:19 p.m.6 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35987 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35987 Source advisory: OSV:GHSA-W62H-8XJM-FV49...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:19 p.m.4 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4899 more potentially affected by CVE-2022-35987 via tensorflow (>=1.0.1 <=2.7.1)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-35987 Source advisory: OSV:GHSA-W62H-8XJM-FV49...

7.5CVSS7.2AI score0.00396EPSS
Exploits0
Rows per page
Query Builder